package com.itqf.shiro;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
 * projectName: rbacgp8
 *
 * @author: 赵伟风
 * time: 2021/8/13 11:18
 * description: 授权操作
 */
public class AuthorizationDemo {


    public static void main(String[] args) {

        //1. 创建SecurityManager
        IniSecurityManagerFactory factory = new IniSecurityManagerFactory("classpath:shiro.ini");
        SecurityManager instance = factory.getInstance();

        SecurityUtils.setSecurityManager(instance);

        //2. 获取Subject进行认证

        Subject subject = SecurityUtils.getSubject();

        //3. 认证检查

        UsernamePasswordToken token = new UsernamePasswordToken("ergouzi", "123");

        try {
            subject.login(token);
        }catch (AuthenticationException ex){
            System.out.println("认证失败!");
        }

        //4. 授权操作

        if (subject.isAuthenticated()) {
            //认证成功

            /**
             * 授权:
             *   1.通过角色的角度进行授权操作
             *   2.通过权限的角度进行授权操作
             */

            /**
             * 1.通过角色的角度进行授权操作
             */
            /**
             * 角色检查
             *   has系列
             */
            boolean teacher = subject.hasRole("teacher");
            System.out.println("teacher = " + teacher);

            List<String> roles = new ArrayList<>();
            roles.add("teacher");
            roles.add("admin");
            boolean[] hasRoles = subject.hasRoles(roles);
            System.out.println("hasRoles = " + Arrays.toString(hasRoles));


            boolean b = subject.hasAllRoles(roles);
            System.out.println("b = " + b);


            /**
             *   check系列  抛出异常 AuthorizationException
             */
            try {
                subject.checkRole("aa");
            }catch (AuthorizationException exception){
                System.out.println("没有aa角色!");
            }


            try {
                //and
                subject.checkRoles("aa","teacther");
            }catch (AuthorizationException exception){
                System.out.println("没有aa/teacther角色!");
            }


            try {
                //and
                subject.checkRoles(roles);
            }catch (AuthorizationException exception){
                System.out.println("没有admin/teacther角色!");
            }


            /**
             * 权限检查
             *   is 返回boolean
             */

            boolean[] permitted = subject.isPermitted("a", "f", "h");
            System.out.println("permitted = " + permitted);

            /**
             * check
             */
            try {

                subject.checkPermissions("class:a");
                System.out.println("有a b权限");
            }catch (AuthorizationException e){
                System.out.println("没有a/b权限");
            }


        }


    }



}
